Topic: Default deny rule IPv4 (Read 195 times)

Hello everyone, I have a firewall pfsense community edition 2.4.2-RELEASE-p1. Today, suddenly, the firewall has begun to block traffic to one of our webservers. On pfsense I installed reverse proxy to manage the addressing to different webservers. In the firewall logs I find this line Default deny rule IPv4 (1000000103) or Default deny rule IPv4 (1000000104) for the TCP: R protocol. I can not understand why this happened suddenly, until this morning everything worked and it's been months that everything worked perfectly. Has anyone encountered this problem and can help me solve it? Thank you and good job to everybody. Luke

Hi, I have already read this post, but my problem persists. I have already restarted everything, but nothing changes, the firewall continues to block the TCP: R without any reason and prevents the resource from working. Thanks.

So a RST (reset).. Yeah that is going to be blocked if there is no state.. And if there was a state that normally tears it down the FAST way... Normally tcp sessions are ended all nice and proper with a fin, fin,ack and everyone is done talking and the firewall sees this and removes the state.. Do you understand what a state is and how a tcp session is created and torn down?

A RST, in a nutshell, is in TCP a shut the F up sort of way of tearing down the session.

- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

And sorry but a R sent to your wan IP yes would be blocked.. Only a SYN would be allowed and open a state...

Vs looking at what is just in your firewall rules, why don't you do a packet capture and watch the traffic... Be more than happy to send traffic to your domain/IP so you can sniff and see what happens, etc.


I am glad you're not seeing the issue you were having.. But such a solution is not really a solution.... Since you have no idea what was the root.. Blocking RST to the wan is what should happen.. If there was no state or was after a state was closed..

A sniff would have been very, very informative as to what the problem actually was.

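The behaviour described in the replies above (only a SYN opens a state, a RST closes it, and a RST arriving with no state falls through to the default deny rule), as an added example that is not part of the original thread and is not pfSense's code. It is a simplified Python model of a stateful filter; the timeouts, the port 443 pass rule and the addresses are assumptions constructed for illustration.

```python
# Simplified model of stateful filtering: an illustration, not pf's implementation.
ESTABLISHED_TTL = 3600  # assumed idle timeout in seconds (illustrative value)
CLOSED_TTL = 10         # assumed linger after RST or FIN/FIN (illustrative value)
PASS, DENY = "pass", "block: Default deny rule IPv4"

class StatefulFilter:
    def __init__(self, allowed_ports):
        self.allowed_ports = set(allowed_ports)  # stands in for the WAN pass rules
        self.states = {}                         # connection key -> state record

    def process(self, now, src, dst, flags):
        """src and dst are (ip, port); flags is a string such as 'S', 'SA', 'FA', 'R'."""
        key = frozenset((src, dst))              # same key for both directions
        st = self.states.get(key)
        if st is not None and now >= st["expires"]:
            del self.states[key]                 # expired states are purged
            st = None
        if st is not None:                       # packet belongs to a known connection
            if not st["closed"]:
                if "F" in flags:
                    st["fins"].add(src)
                st["closed"] = "R" in flags or len(st["fins"]) == 2
                ttl = CLOSED_TTL if st["closed"] else ESTABLISHED_TTL
                st["expires"] = now + ttl
            return PASS
        # No state: only a bare SYN that matches a pass rule may create one.
        if flags == "S" and dst[1] in self.allowed_ports:
            self.states[key] = {"expires": now + ESTABLISHED_TTL,
                                "fins": set(), "closed": False}
            return PASS
        return DENY                              # out-of-state RST, ACK, FIN land here

def replay(packets, allowed_ports=(443,)):
    """Run (time, src, dst, flags) tuples through a fresh filter; return the verdicts."""
    fw = StatefulFilter(allowed_ports)
    return [fw.process(*pkt) for pkt in packets]

# Constructed sample traffic (documentation addresses), not a capture from the thread.
CLIENT, SERVER = ("203.0.113.7", 51000), ("198.51.100.10", 443)
SAMPLE = [
    (0, CLIENT, SERVER, "S"), (0, SERVER, CLIENT, "SA"), (0, CLIENT, SERVER, "A"),
    (5, CLIENT, SERVER, "R"),    # reset while the state exists: passes, closes it
    (30, CLIENT, SERVER, "R"),   # late reset after the state expired: default deny
    (31, CLIENT, SERVER, "S"),   # a new SYN still opens a fresh state
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(pkt[0], pkt[3], verdict)
```

A blocked TCP: R entry in the model corresponds to the fifth sample packet: a reset for a connection the filter no longer tracks, which is why a packet capture is needed to see which side kept sending and why.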